vSphere ESXi 6.7 Unable to talk between subnets between hosts
Configuration was :
ESXi 6.7 – vSphere handling all the port groups tagged with VLANs
Firewall – CISCO ASA
Problem : New ESXi 6.7 hosts. A virtual machine if on the same host and vSwitch could communicate no problem. However if a virtual machince was communincating with another virtual machine on another host on a different, subnet they were unable to communicate between subnets and hosts. Both virtual machines could ping their local gateways. Firewall, CISCO ASA was just dropping all packets and showing the following error
Error on the Firewall when capturing ping traffic “No source port on ping “Error (Type 8, Code 0), Denied ICMP type=8, code=0”
Solution
Sometimes its the simple tick box on the Firewall / ASA config
“Enable traffic between two or more interfaces which are configured with the same security levels”
All traffic started communicating and the virtual machines could talk between the subnets as per the rules on the Firewall.